Spectral-clustering-based abnormal permission assignments hunting framework
Migrating traditional access control,such as mandatory and discretionary access control,into role-based access control(RBAC)lightens a practical way to improve the user-permission management efficiency.To guarantee the security of RBAC system,it is important to generate proper roles during the migra...
Saved in:
Main Authors: | , , , |
---|---|
Format: | Article |
Language: | zho |
Published: |
Editorial Department of Journal on Communications
2017-12-01
|
Series: | Tongxin xuebao |
Subjects: | |
Online Access: | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017285/ |
Tags: |
Add Tag
No Tags, Be the first to tag this record!
|
_version_ | 1841539536509730816 |
---|---|
author | Liang FANG Li-hua YIN Feng-hua LI Bin-xing FANG |
author_facet | Liang FANG Li-hua YIN Feng-hua LI Bin-xing FANG |
author_sort | Liang FANG |
collection | DOAJ |
description | Migrating traditional access control,such as mandatory and discretionary access control,into role-based access control(RBAC)lightens a practical way to improve the user-permission management efficiency.To guarantee the security of RBAC system,it is important to generate proper roles during the migration.However,abnormal user-permission configurations lead to wrong roles and cause tremendous security risks.To hunt the potential abnormal user-permission configurations,a novel spectral clustering based abnormal configuration hunting framework was proposed and recommendations were given to correct these configurations.Experimental results show its performance over existing solutions. |
format | Article |
id | doaj-art-cb26381d028d4e90bab30182011203e7 |
institution | Kabale University |
issn | 1000-436X |
language | zho |
publishDate | 2017-12-01 |
publisher | Editorial Department of Journal on Communications |
record_format | Article |
series | Tongxin xuebao |
spelling | doaj-art-cb26381d028d4e90bab30182011203e72025-01-14T07:13:28ZzhoEditorial Department of Journal on CommunicationsTongxin xuebao1000-436X2017-12-0138637259713897Spectral-clustering-based abnormal permission assignments hunting frameworkLiang FANGLi-hua YINFeng-hua LIBin-xing FANGMigrating traditional access control,such as mandatory and discretionary access control,into role-based access control(RBAC)lightens a practical way to improve the user-permission management efficiency.To guarantee the security of RBAC system,it is important to generate proper roles during the migration.However,abnormal user-permission configurations lead to wrong roles and cause tremendous security risks.To hunt the potential abnormal user-permission configurations,a novel spectral clustering based abnormal configuration hunting framework was proposed and recommendations were given to correct these configurations.Experimental results show its performance over existing solutions.http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017285/access controlabnormal configurationsspectral clustering |
spellingShingle | Liang FANG Li-hua YIN Feng-hua LI Bin-xing FANG Spectral-clustering-based abnormal permission assignments hunting framework Tongxin xuebao access control abnormal configurations spectral clustering |
title | Spectral-clustering-based abnormal permission assignments hunting framework |
title_full | Spectral-clustering-based abnormal permission assignments hunting framework |
title_fullStr | Spectral-clustering-based abnormal permission assignments hunting framework |
title_full_unstemmed | Spectral-clustering-based abnormal permission assignments hunting framework |
title_short | Spectral-clustering-based abnormal permission assignments hunting framework |
title_sort | spectral clustering based abnormal permission assignments hunting framework |
topic | access control abnormal configurations spectral clustering |
url | http://www.joconline.com.cn/zh/article/doi/10.11959/j.issn.1000-436x.2017285/ |
work_keys_str_mv | AT liangfang spectralclusteringbasedabnormalpermissionassignmentshuntingframework AT lihuayin spectralclusteringbasedabnormalpermissionassignmentshuntingframework AT fenghuali spectralclusteringbasedabnormalpermissionassignmentshuntingframework AT binxingfang spectralclusteringbasedabnormalpermissionassignmentshuntingframework |